package com.peanut.controller;

import com.mvc.annotation.RequestBody;
import com.mvc.annotation.RequestMapping;
import com.mvc.annotation.ResponseBody;
import com.mvc.annotation.Valid;
import com.peanut.constants.Constants;
import com.peanut.constants.Status;
import com.peanut.entity.AdminUser;
import com.peanut.entity.JsonResult;
import com.peanut.entity.vo.LoginDO;
import com.peanut.service.AdminUserService;
import com.peanut.service.PermissionService;
import com.spring.annotation.Autowired;
import com.spring.annotation.Controller;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.List;
import java.util.Map;


/**
 * 专门负责登录和登出
 */

@Controller
public class LoginController {
	
	@Autowired
	private AdminUserService adminUserService;
	
	@Autowired
	private PermissionService permissionService;
	
	
	@RequestMapping(value = "/login.do")
	@ResponseBody
	public JsonResult login(@Valid @RequestBody LoginDO loginDO, HttpServletRequest request, HttpServletResponse response) {
		HttpSession session = request.getSession();
		String code = (String) (session.getAttribute("KAPTCHA_SESSION_KEY")); //KAPTCHA_SESSION_KEY
		
		if (code != null && code.equals(loginDO.getCode())) {
			AdminUser login = adminUserService.login(loginDO.getName(), loginDO.getPassword());
			if (login != null) {
				if(!login.getIsValid().equals(1)){
					// 账号没有处于有效正常状态
					return JsonResult.status(Status.ACCOUNT_DISABLED);
				}
				
				if(login.getRoleId()== null){
					// 账号暂时没有角色，无权操作任何内容
					return JsonResult.status(Status.NO_ROLE);
				}
				
				
				
				session.setAttribute(Constants.LOGIN_USER, login);
				/**
				 * 放入权限  , 查 roleId 对应的角色权限 ，不放权限的话，后续操作会被权限拦截器拦截掉
				 */
				Map<Integer,List<String>> permissionsMap =
						(Map<Integer,List<String>> )(request.getServletContext().getAttribute(Constants.PERMISSIONS));
				if(permissionsMap==null){
					permissionsMap = new HashMap<>();
					request.getServletContext().setAttribute(Constants.PERMISSIONS,permissionsMap);
				}
				
				List<String> allPermissionByRoleId = permissionService.getAllPermissionByRoleId(login.getRoleId());
				
				permissionsMap.put(login.getRoleId(),allPermissionByRoleId);  // 权限放入全局作用域
				
				Boolean rememberMe = loginDO.getRememberMe();
				if (rememberMe != null && rememberMe) {
					session.setMaxInactiveInterval(7200);
					Cookie cookie = new Cookie("JSESSIONID", session.getId());
					cookie.setHttpOnly(true);
					cookie.setMaxAge(7200);
					
					response.addCookie(cookie);  // 必须把cookie 发回去才能让客户端保存cookie ，只有server保存会话信息没用的
				}
				
				return JsonResult.status(Status.LOGIN_SUCCESS);
			}
			return JsonResult.status(Status.ACCOUNT_NOT_RIGHT);
		} else {
			return JsonResult.status(Status.CHECK_CODE_ERROR);
		}
	}
	
	@RequestMapping(value = "/logout.do")
	@ResponseBody
	public JsonResult logout(HttpServletRequest request) {
		HttpSession session = request.getSession();
		if(session != null){
			session.invalidate();
		}
		return JsonResult.status(Status.LOGOUT_SUCCESS);
	}
}
